Cloud Security Engineer

Job Title: Cloud SecOps Engineer

About the Role

We are seeking a highly skilled and motivated Cloud SecOps Engineer with a strong background in securing AWS environments. In this pivotal role, you will be responsible for enhancing the security posture of our platform, which supports both Linux and Windows workloads. Your expertise will be essential in maintaining robust governance, risk, and compliance (GRC) frameworks, actively contributing to our SOC2 and TX-RAMP compliance programs. You’ll be a key player in a results-oriented team dedicated to protecting Encoura’s systems and sensitive data.

This position requires a detail-oriented professional capable of swiftly assessing existing processes and systems to identify and implement optimizations for security controls and practices. You will collaborate closely with our application development and DevOps teams, advising on secure delivery practices for our AWS-based platforms and products. A crucial part of your role will involve aligning account permissions and access levels to business requirements while adhering to stringent audit and compliance standards. Additionally, you will conduct regular security audits to ensure our platforms consistently meet relevant compliance benchmarks.

You’ll be working with a modern technology stack that includes but is not limited to: AWS Core Services, API Gateway, Lambda, Sumo Logic, Datadog, Docker, Linux, Windows, Okta, PostgreSQL, MS SQL Server, MongoDB, Databricks, Node.JS, Python, Kubernetes, GitHub, GitHub Actions, StackHawk, JIRA & Confluence, LaunchDarkly, GraphQL, OneTrust, Tenable, CrowdStrike, and Snowflake.

What You’ll Do

As our Cloud SecOps Engineer, your day-to-day responsibilities will involve a dynamic mix of proactive security enhancements, compliance activities, and operational support. Key areas include:

• Managing and tracking risk & compliance activities against industry standards (e.g., NIST) and regulatory requirements (e.g., CCPA), with specific focus on SOC2 and TX-RAMP.
• Overseeing the lifecycle of vulnerability management, including tracking, prioritization, and remediation planning for system patches and identified issues.
• Evaluating and recommending strategic additions or modifications to our existing suite of AWS security-minded services.
• Partnering with our managed security service provider to effectively triage and respond to potential security incidents.
• Enhancing visibility into security events by growing and refining the data streams fed into our SIEM platform.
• Developing insightful security reports and dashboards tailored for both executive leadership and technical teams.
• Designing and implementing our strategy for robust security system alerting and monitoring.
• Conducting regular inventory and auditing of system access levels to ensure alignment with the principle of least privilege.
• Providing critical security-minded operational support for our applications and platforms as needed.
• Collaborating strategically with development teams on security architecture decisions early in the development lifecycle.
• Implementing comprehensive tagging and reporting methodologies to effectively measure the risk and impact of security events.
• Developing a deep functional understanding of all Encoura applications to better inform security strategies.
• Participating in an on-call rotation to address urgent security or potential security-related issues.

Your Journey with Encoura

We are invested in your growth and success. Here’s a glimpse into what you can expect in your first year:

Within 1 Month:

You will immerse yourself in understanding Encoura’s mission, team dynamics, and key security priorities. You’ll begin familiarizing yourself with our current infrastructure and processes related to security tasks, compliance support, and risk mitigation efforts.

Within 3 Months:

You’ll be actively supporting your security team members, providing crucial tactical assistance for product security initiatives, refining processes, and gathering essential evidence to support our SOC2 audits.

Within 6 Months:

You will start taking ownership of specific areas within our security landscape, proactively identifying opportunities for improvement and implementing security-minded enhancements across our systems and processes.

Within 1 Year:

You will be a fully integrated and integral part of the security team, playing a significant role in securing Encoura’s systems and data. You will continue to learn, grow your expertise, and contribute significantly to our evolving security strategy.

What You’ll Bring

We are looking for a professional with a blend of technical expertise, a security-first mindset, and a collaborative spirit.

Required Experience & Skills:

• Proven experience in the secure delivery of applications within a complex AWS-based micro-services application environment.
• Strong command of AWS security tooling and services (e.g., Security Hub, GuardDuty, Inspector, WAF, KMS, Secrets Manager).
• Deep understanding and practical experience with AWS-based IAM roles and accounts.
• Proficiency with AWS CloudWatch and Athena for logging, monitoring, and analysis.
• Demonstrated proficiency in using the AWS console and CLI.
• At least 3+ years of hands-on experience securing a similarly complex AWS environment.
• Minimum of 5+ years of overall IT experience, specifically focusing on designing and implementing security solutions.
• Exceptional scripting and automation skills – you possess a mindset that repetitive tasks can and should be automated.
• Direct experience troubleshooting, securing, and improving existing AWS cloud environments.
• Familiarity with microservice architecture concepts as they relate to security, particularly their implementation within AWS.
• Experience installing, configuring, managing, and patching systems in both cloud-based and on-premises environments.
• A robust security foundation – you habitually consider potential compromise scenarios (“what happens if this system is compromised?”).
• Experience collaborating effectively with application development teams working within Agile methodologies (e.g., Agile/Scrum/Kanban).
• Ability to effectively balance critical security requirements with budgetary considerations.
• Solid experience with Linux and Windows administration from a security perspective.
• General Information Security experience is highly preferred.

Education & Certifications:

• Bachelor’s degree in Computer Science, Software Engineering, or a related technical field, or a Bachelor’s in an unrelated field combined with at least 5 years of relevant professional technology experience.
• AWS Security – Specialty certification is strongly preferred.
• Additional AWS certifications or other relevant security certifications (e.g., CISSP, Security+) are a plus.

Personal Attributes:

• A detail-oriented, data-driven decision-maker who appreciates simplicity in system architecture.
• A collaborative team player comfortable mentoring others and communicating effectively across different teams.

Beyond the Role: What We Offer

Joining Encoura means becoming part of a mission-driven organization that values its people. We offer a comprehensive benefits package designed to support your well-being and professional growth:

• A strong mission-driven culture focused on making a real impact in education.
• Comprehensive health and benefits package.
• Generous 401k company match that vests immediately upon participation.
• Paid holidays and a flexible, generous PTO policy.
• Supportive paid parental leave.

About Encoura

Encoura’s mission is to empower students and institutions to create meaningful connections, enabling everyone to make the most informed decisions to achieve their goals. Since 1972, we have continuously evolved our products and services to strengthen the vital link between students and higher education institutions, significantly increasing the probability of student success.

With the launch of the Encoura platform in 2017, we deliver custom technology solutions that seamlessly integrate Eduventures research, data science, strategic enrollment expertise, and multichannel marketing services to serve over 2,000 higher education institutions. We also proudly offer Encourage®—the nation’s largest free college and career planning program, utilized by millions of high school students and educators nationwide.

It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. All applicants must be eligible to work in the U.S.

Encoura endeavors to make reasonable accommodations for applicants with disabilities and disabled veterans pursuant to applicable federal and state law. If you are an individual with a disability and require reasonable accommodation to complete any part of the application process or are limited in the ability and need an alternative method for applying, please contact the Talent Team.

Applicants from California, please review the CA HR Privacy Notice. To review our privacy policy, please click this link: https://encoura.org/privacy-policy/

“